ANZ, the third largest bank in Australia, was an early adopter of cloud and has determined how it can safely use public cloud services as part of its technology platform, Patrick Maes, CTO and general manager for technology strategy and enterprise architecture at ANZ, said during a Technology Forum session at the SIBOS conference in Dubai. Maes says that ANZ uses both internal (private) and public cloud technologies to support the bank.

Central to ANZ's use of public cloud is its "cypher cloud" capabilities, which allow the bank to split personal identifiable information from banking data so data that is housed in the cloud is done so anonymously. "There is non-identifiable data and identifiable data," Maes commented during the "Cloud Control for Major Gains" session. "If you split it up, you can put non identifiable in the cloud and still be in compliance with regulations." In other words, customer data that is in the public cloud is depersonalized.

This allows ANZ to expand its operations across the Asia Pacific region, which is part of the bank's growth strategy. "We are in 25 countries," Maes commented. "How do you build an IT capability that fits in each market?" With operations in 25 markets, ANZ needs a flexible architecture. For instance, a new market for ANZ may have two branches at the beginning of the year, but 12 months later it may have 20 branches. Building the technology infrastructure internally would be too costly and ridged, Maes added. "Public cloud gives you an elasticity so the IT could adapt to the size of the marketplace."

[To learn more about storage in the cloud, register for Interop here and check out the “Outgrowing Your Data Centers? Look to the Cloud for Relief” session on October 4 in NYC.]

Relying on a hybrid public/private cloud helps ANZ reduce time to market more than it reduces cost. "Public cloud is not so much about cost … since public cloud services are still very young," Maes says. "Where cloud is valuable is time to market. You reduce time to market by 50 to 80%."

In order to consider an external cloud vendor, Maes noted the vendor must agree to the same rules and service levels that ANZ could provide internally. "The cloud provider is treated exactly the same as any third-party outsourcing relationship," Maes said. "You have to monitor and evaluate constantly, because that is how the regulators will treat the relationship. … If you apply the same rules, there is no difference between public and private cloud."

ANZ has been able to move to the private cloud because it started its internal cloud projects years ago, Maes said. "We started by virtualizing" ANZ's infrastructure, he added. "Then we built the internal cloud, with a focus on Microsoft applications, database as a service and email as a service, for instance."

Maes does have a word of warning however when it comes to the public cloud. "From a people and governance perspective, you need to make sure cloud contracts are negotiated by IT people," Maes said, which received some laughter from the audience. "Whenever business people buy cloud, they get it wrong and it it never works out."

Maes' last point, while humorous, is also very true, many of the problems companies face is when non-technology people buy technology. With all the talk of the increased collaboration of IT and the business, and the melding of roles, it is still important to have the people who know the technology best involved in the purchasing decisions.